The present invention relates to techniques for authenticating transactions in a network, such as the Internet.
Online financial transactions are increasingly popular. For example, consumers and businesses are benefiting from the convenience associated with services such as Internet banking and e-commerce.
In a typical online financial transaction, a user interacts with a web page, which is provided by a server that is associated with a business, via a web browser that executes in the user's computer. In particular, the user provides information associated with the financial transaction in fields in the web page using a user-interface device, such as a keyboard. In addition, information associated with the financial transaction may be pre-populated in the fields by the server based on previous financial transactions between the business and the user. Moreover, prior to completing the financial transaction, the information is usually presented to the user in the web page for the user's review and approval.
Historically, security during the financial transaction has largely focused on ensuring that the user accesses the correct uniform resource locator (and thus the web page) associated with the business, and encrypting the communication between the user's computer and the server. For example, the financial transaction may be conducted using a cryptographic protocol, such as Secure Sockets Layer (SSL), which validates the identity of the web page and creates a secure encrypted connection or channel for communicating financial information (such as credit-card information).
However, a new class of computer virus has recently been developed which can make web browsers unsafe for financial transactions. These viruses, such as the ZeuS Trojan, alter data entered by the user before that data enters the secure channel between the user's computer and the server. In particular, the ZeuS Trojan is a browser-helper-object virus that disassociates the bits corresponding to the information associated with the financial transaction from the pixels displayed by the web browser by manipulating the document object model (DOM) in the web browser. In the process, the information that the user sees presented in the web page is different from the information that is sent to the server. This form-grabbing technique allows viruses such as the ZeuS Trojan to modify the information so that, for example, a wire transfer is routed to a different bank account (as a consequence, viruses such as the ZeuS Trojan are sometimes referred to as ‘crimeware’).
Furthermore, current anti-virus software is often unable to detect when the user's computer is infected with a browser-helper-object virus. Consequently, browser-helper-object viruses are a rapidly growing threat which can undermine the convenience and cost savings associated with online financial transactions, and therefore threaten an increasingly important commercial channel.
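The form-grabbing scenario above can be made detectable on the server for the values the server itself rendered for review: the following added example (not part of the original text, and not the method this document goes on to claim) seals the pre-populated review fields with an HMAC when the page is generated, then recomputes the tag from what the browser actually submits; the key, field names and account strings are constructed for the demonstration.

```python
import hashlib
import hmac
import json
import secrets

# Constructed demo key; a real server would load it from a key store, never embed it.
SERVER_KEY = b"constructed-demo-key-not-for-production"

# Fields the server renders for the user's review and approval (for a wire
# transfer: amount, currency, destination). These are sealed, not free-form input.
REVIEW_FIELDS = ("amount", "currency", "dest_account")


def _canonical(nonce: str, values: dict) -> bytes:
    """Serialise nonce + review values deterministically so the tag is reproducible."""
    return json.dumps({"nonce": nonce, "values": values},
                      sort_keys=True, separators=(",", ":")).encode()


def render_review_form(values: dict) -> dict:
    """Server side, before sending the page: the form fields to emit, including a
    per-form nonce and an HMAC over the review values as displayed to the user."""
    review = {k: str(values[k]) for k in REVIEW_FIELDS}
    nonce = secrets.token_hex(16)
    tag = hmac.new(SERVER_KEY, _canonical(nonce, review), hashlib.sha256).hexdigest()
    return {**review, "nonce": nonce, "tag": tag}


def submission_is_consistent(submitted: dict) -> bool:
    """Server side, on POST: recompute the tag from the review values the browser
    actually sent and compare it in constant time with the tag that was issued.
    Any change to amount, currency or destination between rendering and
    submission (for instance by a form-grabbing browser helper object) changes
    the recomputed tag, so the submission is rejected and can be flagged."""
    try:
        review = {k: str(submitted[k]) for k in REVIEW_FIELDS}
        nonce, tag = submitted["nonce"], submitted["tag"]
    except KeyError:
        return False
    expected = hmac.new(SERVER_KEY, _canonical(nonce, review), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)


if __name__ == "__main__":
    form = render_review_form({"amount": "2500.00", "currency": "USD",
                               "dest_account": "DE00-CONSTRUCTED-1234"})
    print("untouched submission accepted:", submission_is_consistent(form))
    rerouted = {**form, "dest_account": "DE00-CONSTRUCTED-9999"}
    print("rerouted submission accepted:", submission_is_consistent(rerouted))
```

The check covers only values the server rendered; data the user types fresh into a field has no trusted server-side reference and is not protected by it.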